Case Study

Modernize IAM Solutions to Avoid Future IT & Regulatory Risks

Technology


Client

Fortune 50 Financial Services Institution

Services

Identity & Access Management, Technology Program Management

Project Overview

The Client recently implemented a new vendor-based platform to modernize its internal identity and access management (IAM) solution with a goal of mitigating major level audit findings resulting from inadequacies within the legacy platform. To guide the migration schedule, the Client pre-defined prioritization for application onboarding based on roles within mission critical processes and financial reporting (e.g., SOX payments). RP deployed a team to assist the capital markets division migrate the prioritized applications to the new platform to help the client avoid future business, technology, and regulatory risks.

Solution

  • The RP team liaised with business and technology stakeholders to ensure the population of applications owned by the capital markets division were migrated according to enterprise and audit schedules.
  • The team reviewed migrating metadata to ensure accuracy and integrity as well as engaged with respective application owners to remediate metadata errors as required.
  • RP was also responsible for coordinating various application-specific activities to validate the migration efforts (i.e., vendor attestations, business roles & access certifications, compliance with separation of duties policies, etc.).
  • Finally, the team implemented foundational governance to maintain division-owned apps.

Impact

  • Successfully migrated division-owned applications and underlying metadata that enabled mission-critical processes and financial reporting in less than six months.
  • Defined roles & responsibilities and a business-as-usual procedure document to ensure application recertifications and attestations are performed on-schedule.
  • Enabled the Client to close-out a significant audit issue and avoid future business, technology, and regulatory risks related to identity and access management.

End-to-End Services, Working Together.

Strategy. Risk. Data. Technology. Reference Point evaluates critical elements all together to build cohesive, lasting value for financial services clients.

See Services See More Cases